This pages lists some of the many security-related projects that the Computer Science Laboratory has participated in.
Enclaves 1.0 has been designed, implemented, and demonstrated. It currently runs over Unix on SunOS, Solaris, and also Linux on Intel PCs. A CSL report on Enclaves is currently in review, authored by Steve Keung and Li Gong. [Gong]
A lot of research issues pop up now and then in the SRI CSL security group, including secure labelling (papers appeared in IEEE Transaction on Knowledge and Data Engineering (1995), and IEEE Symposium on Security and Privacy (1996), and collisionful keyed one-way hash functions (paper appeared in Information Processing Letters, 1995). [Gong and Qian]
The PSOS umbrella also supported CSL's early work on Information Flow. Given the HDM SPECIAL specifications for a security kernel, Rich Feiertag's flow analyzer (report CSL-109) produced would-be theorems that were fed to the Boyer-Moore theorem prover. This approach was used to analyze the multilevel security of KSOS (Ford Aerospace's Kernelized Secure Operating System), and found security flaws and covert channels in 16 of the 34 kernel functions. (The generation of would-be theorems and their proof efforts took 2.5 hours to run.)
Also under the PSOS project aegis, Goguen and Meseguer wrote and published the much cited pair of papers on noninterference and unwinding for the 1982 and 1984 IEEE Symposiums on Security and Privacy, Oakland, California. Their security model has been the basis for much later work elsewhere, including restrictiveness (nondeterministic noninterference). In addition, the early work on EHDM and its new specification language Revised Special began under the PSOS rubric.